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CLAIMS 

What is claimed is: 

1 1. A telephony security system located within one or more locations of an 

2 enterprise for monitoring and/or controlling incoming and outgoing calls between a 

3 public circuit-switched network for provision of circuit-switched circuits to the public, 

4 wherein a physical circuit is temporarily established on demand and kept reserved for the 

5 user until the network receives a disconnect signal and one or more end-user stations 

6 located within an enterprise's one or more locations, said telephony security system 

7 comprising: 



8 one or more rules associated with the one or more end-user stations located within 

9 the enterprise's one or more locations, 

10 said one or more rules associated with the one or more end-user stations located 

11 within the enterprise's one or more locations designating at least one action to be 



12 performed based on at least one attribute of an incoming and outgoing call between the 

13 public circuit-switched network and the one or more end-user stations located within the 

14 enterprise's one or more locations, 



15 said at least one attribute of the incoming and outgoing call between the public 

16 circuit-switched network and the one or more end-user stations located within the 

17 enterprise 's one or more locations is from a group including: 

18 the call direction, 

19 the call source, 

20 the call destination, 
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21 the call type, 

22 the keyword detected in the call content, 

23 the call connect time, 

24 the call start date, 

25 the call start time, 

26 the call end date, 

27 the call end time, 

28 the call duration, 

29 the identifier for the extension or direct connect line carrying the call, 

30 the PBX trunk through which the call is processed, 

31 the channel through which the call is processed, 

32 the digits dialed prior to the base phone number, and 

33 the digits dialed after the base phone number; 

34 means for determining said at least one attribute of the incoming and outgoing call 

35 between the public circuit-switched network and the one or more end-user stations 

36 located within the enterprise's one or more locations; and 

37 means for performing said at least one action in accordance with said one or more 

38 rules associated with the one or more end-user stations located within the enterprise's one 

39 or more locations. 
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1 2. The telephony security system as defined in Claim 1 wherein said call type 

2 attribute is from a group including: 

3 voice, 

4 fax, 

5 data transfer (modem), 

6 STU-III-voice, 

\ 

7 STU-III-data, 

8 STU-III-unspecified, 

9 wideband, 

10 wideband video, 

1 1 busy, 

12 unanswered, and 

13 undetermined. 

1 3. The telephony security system as defined in Claim 1 wherein said at least 

2 one action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 
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8 sending a tone, 

9 sending a message, 

10 logging the call, 

1 1 generating a report, and 

12 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more designated assessments, 

15 said one or more designated assessments including either or both of: 

16 authenticating an inbound call for remote access, and 

1 7 monitoring the call content for keywords. 

1 4. The telephony security system as defined in Claim 3 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

10 providing an alert, and 
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1 1 adjusting the security policy. 

1 5. The telephony security system as defined in Claim 3 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 

5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

12 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 

1 6. The telephony security system as defined in Claim 3 wherein said action of 

2 generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, 
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5 an ad hoc report, 

6 a batch analysis report, 

7 a trend report, and 

8 a difference/comparison report. 



1 7. The telephony security system as defined in Claim 3 wherein said action of 

2 generating an alert notification includes generating at least one alert notification from a 

3 group including: 

4 an electronic mail notification, 

5 a pager alerting notification, 

6 a console messaging notification, and 

7 a Simple Network Management Protocol (SNMP) trap. 
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1 8. A telephony security system located within a public circuit-switched 

2 network for monitoring and/or controlling incoming and outgoing calls between a public 

3 circuit-switched network for provision of circuit-switched circuits to the public, wherein a 

4 physical circuit is temporarily established on demand and kept reserved for the user until 

5 the network receives a disconnect signal, and one or more end-user stations located within 

6 an enterprise's one or more locations, said telephony security system comprising: 

7 one or more rules associated with the one or more end-user stations located within 

8 the enterprise's one or more locations, 

9 said one or more rules associated with the one or more end-user stations located 

10 within the enterprise's one or more locations designating at least one action to be 

1 1 performed based on at least one attribute of an incoming and outgoing call between the 

12 public circuit-switched network and the one or more end-user stations located within the 

13 enterprise's one or more locations, 

14 said at least one attribute of the incoming and outgoing call between the public 

15 circuit-switched network and the one or more end-user stations located within the 

16 enterprise 's one or more locations is from a group including: 

17 the call direction, 

18 the call source, 

19 the call destination, 

20 the call type, 

21 the keyword detected in the call content. 

22 the call connect time, 
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23 the call start date, 

24 the call start time, 

25 the call end date, 

26 the call end time, 

27 the call duration, 

28 the identifier for the extension or direct connect line carrying the call, 

29 the PBX trunk through which the call is processed, 

30 the channel through which the call is processed, 

31 the digits dialed prior to the base phone number, and 

32 the digits dialed after the base phone number; 

33 means for determining said at least one attribute of the incoming and outgoing call 

34 between the public circuit-switched network and the one or more end-user stations 

35 located within the enterprise 's one or more locations; and 

36 means for performing said at least one action in accordance with said one or more 

37 rules associated with the one or more end-user stations located within the enterprise's one 

38 or more locations. 

1 9. The telephony security system as defined in Claim 8 wherein said call type 

2 attribute is from a group including: 

3 voice, 

4 fax, 
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5 data transfer (modem), 

6 STU-III-voice, 

7 STU-III-data, 

8 STU-III-unspecified, 

9 wideband, 

10 wideband video, 

1 1 busy, 

12 unanswered, and 

13 undetermined. 

t 10. The telephony security system as defined in Claim 8 wherein said at least 

2 one action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 

8 sending a tone, 

9 sending a message, 

10 logging the call, 
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1 1 generating a report, and 

12 providing an alert. 

13 adjusting the security policy, and 

14 performing one or more designated assessments, 

15 said one or more assessments include either or both of: 

16 authenticating an inbound call for remote access, and 

17 monitoring the call content for keywords. 

1 11. The telephony security system as defined in Claim 10 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

10 providing an alert, and 

1 1 adjusting the security policy. 
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1 12. The telephony security system as defined in Claim 10 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 

5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

1 2 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 



1 13. The telephony security system as defined in Claim 10 wherein said action 

2 of generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, / 

5 an ad hoc report, 

6 a batch analysis report, 
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7 a trend report, and 

8 a difference/comparison report. 

1 14. The telephony security system as defined in Claim 10 wherein said action 

2 of generating an alert notification includes generating at least one alert notification from a 

3 group including: 

4 an electronic mail notification, 

5 a pager alerting notification, 

6 a console messaging notification, and 

7 a Simple Network Management Protocol (SNMP) trap. 
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1 15. A method for monitoring and/or controlling incoming and outgoing calls 

2 between a public circuit-switched network for provision of circuit-switched circuits to the 

3 public, wherein a physical circuit is temporarily established on demand and kept reserved 

4 for the user until the network receives a disconnect signal, and one or more end-user 

5 stations located within an enterprise's one or more locations, said method comprising the 

6 following steps to be performed within the public circuit-switched network: 

7 establishing one or more rules associated with the one or more end-user stations 

8 located within the enterprise's one or more locations, 

9 said one or more rules associated with the one or more end-user stations located 

10 within the enterprise's one or more locations designating at least one action to be 

11 performed based on at least one attribute of an incoming and outgoing call between the 

12 public circuit-switched network and the one or more end-user stations located within the 

13 enterprise's one or more locations, 

14 said at least one attribute of the incoming and outgoing call between the public 

15 circuit-switched network and the one or more end-user stations located within the 

16 enterprise 's one or more locations is from a group including: 

17 the call direction, 

18 the call source, 

19 the call destination, 

20 the call type, 

21 the keyword detected in the call content. 

22 the call connect time, 
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23 the call start date, 

24 the call start time, 

25 the call end date, 

26 the call end time, 

27 the call duration, 

28 the identifier for the extension or direct connect line carrying the call, 

29 the PBX trunk through which the call is processed, 

30 the channel through which the call is processed, 

31 the digits dialed prior to the base phone number, and 

32 the digits dialed after the base phone number; 

33 determining said at least one attribute of the incoming and outgoing call between 

34 the public circuit-switched network and the one or more end-user stations located within 

35 the enterprise 's one or more locations; and 

36 performing said at least one action in accordance with said one or more rules 

37 associated with the one or more end-user stations located within the enterprise's one or 

38 more locations. 
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1 16. A telephony security system located within one or more locations of an 

2 enterprise for monitoring and/or controlling incoming and outgoing calls between a 

3 public packet-switched network for provision of packet-switched circuits to the public, 

4 wherein data is carried in the form of packets and one or more end-user stations located 

5 within an enterprise's one or more locations, said telephony security system comprising: 

6 one or more rules associated with the one or more end-user stations located within 

7 the enterprise's one or more locations, 



8 said one or more rules associated with the one or more end-user stations located 

9 within the enterprise's one or more locations designating at least one action to be 

10 performed based on at least one attribute of an incoming and outgoing call packet 

11 between the public packet-switched network and the one or more end-user stations 

12 located within the enterprise's one or more locations, 

13 said at least one attribute of the incoming and outgoing call packet between the 

14 public packet-switched network and the one or more end-user stations located within the 

15 enterprise 's one or more locations is from a group including: 

16 the call direction, 

17 the call source, 

18 the call destination, 

19 the call type, 

20 the keyword detected in the call content, 

21 call connect time, 

22 the call start date, 
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23 the call start time, 

24 the call end date, 

25 the call end time, 

26 the call duration, 

27 the codec used, 

28 the number of bytes from the call source, 

29 the number of bytes from the call destination, 

30 the number of packets from the call source, 

31 the number of packets from the call destination, 

32 source transmission rate, 

33 destination transmissions rate, 

34 source latency, 

35 destination latency, 

36 source jitter, 

37 destination j itter, 

38 source packet loss, 

39 destination packet loss, and 

40 total bandwidth used; 

41 means for determining said at least one attribute of the incoming and outgoing call 



42 packet between the public packet-switched network and the one or more end-user stations 

43 located within the enterprise 's one or more locations; and 
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44 means for performing said at least one action in accordance with said one or more 

45 rules associated with the one or more end-user stations located within the enterprise's one 

46 or more locations. 

1 17. The telephony security system as defined in Claim 15 wherein said call 

2 type attribute is from a group including: 

3 IP voice, 

4 busy, 

5 unanswered, and 

6 undetermined. 

1 18. The telephony security system as defined in Claim 15 wherein said at least 

2 one action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 

8 sending a tone, 

9 sending a message, 

10 logging the call, 
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1 1 generating a report, and 

12 providing an alert. 

13 adjusting the security policy, and 

14 performing one or more designated assessments, 

15 said one or more assessments include either or both of: 

16 authenticating an inbound call for remote access, and 

17 monitoring the call content for keywords. 

1 19. The telephony security system as defined in Claim 18 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

10 providing an alert, and 

1 1 adjusting the security policy. 
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1 20. The telephony security system as defined in Claim 18 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 

5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

12 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 

1 21. The telephony security system as defined in Claim 18 wherein said action 

2 of generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, 

5 an ad hoc report, 

6 a batch analysis report, 
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7 a trend report, and 

8 a difference/comparison report. 

1 22. The telephony security system as defined in Claim 18 wherein said action 

2 of generating an alert notification includes generating at least one alert notification from a 

3 group including: 

4 an electronic mail notification, 

5 a pager alerting notification, 

6 a console messaging notification, and 

7 a Simple Network Management Protocol (SNMP) trap. 
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1 23. A method for monitoring and/or controlling incoming and outgoing calls 

2 between a public packet-switched network for provision of packet-switched circuits to the 

3 public, wherein data is carried in the form of packets and one or more end-user stations 

4 located within an enterprise's one or more locations, said method comprising the 

5 following steps to be performed within one or more locations of an enterprise: 

6 establishing one or more rules associated with the one or more end-user 

7 stations located within the enterprise's one or more locations, 

8 said one or more rules associated with the one or more end-user stations 

9 located within the enterprise's one or more locations designating at least one 

10 action to be performed based on at least one attribute of an incoming and outgoing 

1 1 call packet between the public packet-switched network and the one or more end- 

12 user stations located within the enterprise's one or more locations, 

13 said at least one attribute of the incoming and outgoing call packet 

14 between the public packet-switched network and the one or more end-user stations 

15 located within the enterprise 's one or more locations is from a group including: 

16 the call direction, 

17 the call source, 

1 8 the call destination, 

19 the call type, 

20 the keyword detected in the call content, 

21 call connect time, 

22 the call start date, 
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23 the call start time, 

24 the call end date, N 

25 the call end time, 

26 the call duration, 

27 the codec used, 

28 the number of bytes from the call source, 

29 the number of bytes from the call destination, 

30 the number of packets from the call source, 

31 the number of packets from the call destination, 

32 source transmission rate, 

33 destination transmissions rate, 

34 source latency, 

35 destination latency, 

36 source jitter, 

37 destination jitter, 

38 source packet loss, 

39 destination packet loss, and 

40 total bandwidth used; 

41 determining said at least one attribute of the incoming and outgoing call 

42 X packet between the public packet-switched network and the one or more end-user 

43 stations located within the enterprise 's one or more locations; and 
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44 performing said at least one action in accordance with said one or more 

45 rules associated with the one or more end-user stations located within the 

46 enterprise's one or more locations. 



68 

SANANTONIO 40575 lvl 5 1263 -00299 USPT 



Application for Patent 
Inventors: David L. Buntin, et al. 
Atty Docket No.: 51263-00299 USC1 

1 24. A telephony security system located within a public-switched network for 

2 monitoring and/or controlling incoming and outgoing calls between a public packet- 

3 switched network for provision of packet-switched circuits to the public, wherein data is 

4 carried in the form of packets and one or more end-user stations located within an 

5 enterprise's one or more locations, said telephony security system comprising: 

6 one or more rules associated with the one or more end-user stations located 

7 within the enterprise's one or more locations, 

8 said one or more rules associated with the one or more end-user 

9 stations located within the enterprise's one or more locations designating 

10 at least one action to be performed based on at least one attribute of an 

11 incoming and outgoing call packet between the public packet-switched 

12 network and the one or more end-user stations located within the 

1 3 enterprise ' s one or more locations, 

14 said at least one attribute of the incoming and outgoing call packet 

15 between the public packet-switched network and the one or more end-user 

16 stations located within the enterprise 's one or more locations is from a 

17 group including: 

18 the call direction, 

19 the call source, 

20 the call destination, 

21 the call type, 

22 the keyword detected in the call content, 

23 the call connect time, 
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24 the call start date, 

25 the call start time, 

26 the call end date, 

27 the call end time, 

28 the call duration, 

29 the codec used, 

30 the number of bytes from the call source, 

3 1 the number of bytes from the call destination, 

32 the number of packets from the call source, 

33 the number of packets from the call destination, 

34 source transmission rate, 

35 destination transmission rate, 

36 source latency, 

37 destination latency, 

38 source jitter, 

39 destination jitter, 

40 source packet loss, 

41 destination packet loss, and 

42 total bandwidth used; 
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43 means for determining said at least one attribute of the incoming and 

44 outgoing call packet between the public packet-switched network and the one or 

45 more end-user stations located within the enterprise's one or more locations; and 

46 means for performing said at least one action in accordance with said one 

47 or more rules associated with the one or more end-user stations located within the 

48 enterprise's one or more locations. 

1 25. The telephony security system as defined in Claim 24 wherein said call 

2 type attribute is from a group including: 

3 IP voice, 

4 busy, 

5 unanswered, and 

6 undetermined. 

1 26. The telephony system as defined in Claim 24 wherein said at least one 

2 action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 
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8 sending a tone, 

9 sending a message, 

10 logging the call, 

1 1 generating a report, and 

12 providing an alert. 

13 adjusting the security policy, and 

14 performing one or more designated assessments, 

15 said one or more designated assessments including either or both of: 

16 authenticating an inbound call for remote access, and 

1 7 monitoring the call content for keywords. 

1 27. The telephony security system as defined in Claim 26 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

10 providing an alert, and 
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1 1 adjusting the security policy. 

1 28. The telephony security system as defined in Claim 26 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 

5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

12 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 

1 29. The telephony security system as defined in Claim 26 wherein said action 

2 of generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, 
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5 an ad hoc report, 

6 a batch analysis report, 

7 a trend report, and 

8 a difference/comparison report. 



1 30. The telephony security system as defined in Claim 26 wherein said action 

2 of generating an alert notification includes generating at least one alert notification from a 

3 group including: 

4 an electronic mail notification, 

5 a pager alerting notification, 

6 a console messaging notification, and 

7 a Simple Network Management Protocol (SNMP) trap. 
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1 31. A telephony security system located within one or more locations of an 

2 enterprise for monitoring and/or controlling incoming and outgoing calls between a 

3 public circuit-switched network for provision of circuit-switched circuits to the public, 

4 wherein a physical circuit is temporarily established on demand and kept reserved for the 

5 user until the network receives a disconnect signal and/or a public packet-switched 

6 network for provision of packet-switched circuits to the public, wherein data is carried in 

7 the form of packets and one or more end-user stations located within an enterprise's one 

8 or more locations, said telephony security system comprising: 

9 one or more rules associated with the one or more end-user stations located 

10 within the enterprise's one or more locations, 

1 1 said one or more rules associated with the one or more end-user stations 

12 located within the enterprise's one or more locations designating at least one 

13 action to be performed based on at least one attribute of an incoming and outgoing 

14 call and/or call packet between the public circuit-switched network and/or the 

15 public packet-switched network and the one or more end-user stations located 

16 within the enterprise's one or more locations, 

17 said at least one attribute of the incoming and outgoing call and/or call 

18 packet between the public circuit-switched network and/or the public packet- 

19 switched network and the one or more end-user stations located within the 

20 enterprise 's one or more locations is from a group including: 

21 the call direction, 

22 the call source, 

23 the call destination, 
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24 the call type, 

25 the keyword detected in the call content, 

26 the call connect time, 

27 the call start date, 

28 the call start time, 

29 the call end date, 

30 the call end time, 

31 the call duration, 

32 the identifier for the extension or direct connect line carrying the 

33 call, 

34 the PBX trunk through which the call is processed, 

35 the channel through which the call is processed, 

36 the digits dialed prior to the base phone number, 

37 the digits dialed after the base phone number, 

38 the codec used, 

39 the number of bytes from the call source, 

40 the number of bytes from the call destination, 

41 the number of packets from the call source, 

42 the number of packets from the call destination, 

43 source transmission rate, 
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44 destination transmission rate, 

45 source latency, 

46 destination latency, 

47 source jitter, 

48 destination j i tter, 

49 source packet loss, 

50 destination packet loss, and 

5 1 total bandwidth used; 

52 means for determining said at least one attribute of the incoming and 

53 outgoing call and/or call packet between the public circuit-switched network 

54 and/or the public packet-switched network and the one or more end-user stations 

55 located within the enterprise's one or more locations; and 

56 means for performing said at least one action in accordance with said one 

57 or more rules associated with the one or more end-user stations located within the 

58 enterprise's one or more locations. 

1 32. The telephony security system as defined in Claim 31 wherein said call 

2 type attribute is from a group including: 

3 voice, 

4 fax, 

5 data transfer (modem), 
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6 STU-III-voice, 

7 STU-III-data, 

8 STU-III-unspecified, 

9 wideband, 

10 wideband video 

1 1 IP voice, 

12 busy, 

13 unanswered, and 

14 undetermined. 
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1 33. The telephony security system as defined in Claim 3 1 wherein said at least 

2 one action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 

8 sending a tone, 

9 sending a message, 

10 logging the call, 
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1 1 generating a report, and 

12 providing an alert. 

13 adjusting the security policy, and 

14 performing one or more designated assessments, 

15 said one or more designated assessments including either or both of: 

16 authenticating an inbound call for remote access, or 

17 monitoring the call content for keywords. 

1 34. The telephony security system as defined in Claim 33 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

10 providing an alert, and 

1 1 adjusting the security policy. 
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1 35. The telephony security system as defined in Claim 33 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 

5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

1 2 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 

1 36. The telephony security system as defined in Claim 33 wherein said action 

2 of generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, 

5 an ad hoc report, 

6 a batch analysis report, 



80 

SANANTONIO 40575W1 51263-00299USPT 



Application for Patent 
Inventors: David L. Buntin, et aL 
Atty Docket No.: 51 263-00299 USC1 



7 a trend report, and 

8 a difference/comparison report. 

1 37. The system as defined in Claim 33 wherein said action of generating an 

2 alert notification includes generating at least one alert notification from a group including: 

3 an electronic mail notification, 

4 a pager alerting notification, 

5 a console messaging notification, and 

6 a Simple Network Management Protocol (SNMP) trap. 
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1 38. A method for monitoring and/or controlling incoming and outgoing calls 

2 between a public circuit-switched network for provision of circuit-switched circuits to the 

3 public, wherein a physical circuit is temporarily established on demand and kept reserved 

4 for the user until the network receives a disconnect signal and/or a public packet-switched 

5 network for provision of packet-switched circuits to the public, wherein data is carried in 

6 the form of packets and one or more end-user stations located within an enterprise's one 

7 or more locations, said method comprising the following steps to be performed within one 

8 or more locations of an enterprise: 

9 establishing one or more rules associated with the one or more end-user 

10 stations located within the enterprise's one or more locations, 

11 said one or more rules associated with the one or more end-user 

12 stations located within the enterprise's one or more locations designating 

13 at least one action to be performed based on at least one attribute of an 

14 incoming and outgoing call and/or call packet between the public circuit- 

15 switched network and/or the public packet-switched network and the one 

16 or more end-user stations located within the enterprise's one or more 

17 locations, 

18 ' said at least one attribute of the incoming and outgoing call and/or 

19 call packet between the public circuit-switched network and/or the public 

20 packet-switched network and the one or more end-user stations located 

21 within the enterprise 's one or more locations is from a group including: 

22 the call direction, 

23 the call source, 
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24 the call destination, 

25 the call type, 

26 the keyword detected in the call content, 

27 the call connect time, 

28 the call start date, 

29 the call start time, 

30 the call end date, 

31 the call end time, 

32 the call duration, 

33 the identifier for the extension or direct connect line carrying the 

34 call, 

35 the PBX trunk through which the call is processed, 

36 the channel through which the call is processed, 

37 the digits dialed prior to the base phone number, 

38 the digits dialed after the base phone number, 

39 the codec used, 

40 the number of bytes from the call source, 

41 the number of bytes from the call destination, 

42 the number of packets from the call source, 

43 the number of packets from the call destination, 
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44 source transmission rate, 

45 destination transmission rate, 

46 source latency, 

47 destination latency, 

48 source jitter, 

49 destination jitter, 

50 source packet loss, 

5 1 destination packet loss, and 

52 total bandwidth used; 

53 determining said at least one attribute of the incoming and outgoing call 

54 and/or call packet between the public circuit-switched network and/or the public 

55 packet-switched network and the one or more end-user stations located within the 

56 enterprise's one or more locations; and 

57 performing said at least one action in accordance with said one or more 

58 rules associated with the one or more end-user stations located within the 

59 enterprise's one or more locations. 
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1 39. A telephony security system located within either a public circuit-switched 

2 network and/or a public packet-switched network for monitoring and/or controlling 

3 incoming and outgoing calls between the public circuit-switched network and/or the 

4 public packet-switched network and one or more end-user stations located within an 

5 enterprise's one or more locations, said telephony security system comprising: 

6 one or more rules associated with the one or more end-user stations located 

7 within the enterprise's one or more locations, 

8 said one or more rules associated with the one or more end-user stations 

9 located within the enterprise's one or more locations designating at least one 

10 action to be performed based on at least one attribute of an incoming and outgoing 

11 call and/or call packet between the public circuit-switched network and/or the 

12 public packet-switched network and the one or more end-user stations located 

13 within the enterprise's one or more locations, 

14 said at least one attribute of the incoming and outgoing call and/or call 

15 packet between the public circuit-switched network and/or the public packet- 

16 switched network and the one or more end-user stations located within the 

17 enterprise 's one or more locations is from a group including: 

18 the call direction, 

19 the call source, 

20 the call destination, 

21 the call type, 

22 the keyword detected in the call content, 

23 the call connect time, 
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24 the call start date, 

25 the call start time, 

26 the call end date, 

27 the call end time, 

28 the call duration, 

29 the identifier for the extension or direct connect line carrying the 

30 call, 

31 the PBX trunk through which the call is processed, 

32 the channel through which the call is processed, 

33 the digits dialed prior to the base phone number, 

34 the digits dialed after the base phone number, 

35 the codec used, 

36 the number of bytes from the call source, 

37 the number of bytes from the call destination, 

38 the number of packets from the call source, 

39 the number of packets from the call destination, 

40 source transmission rate, 

4 1 destination transmission rate, 

42 source latency, 

43 destination latency, 
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44 source jitter, 

45 destination jitter, 

46 source packet loss, 

47 destination packet loss, and 

48 total bandwidth used; 

49 means for determining said at least one attribute of the incoming and 

50 outgoing call and/or call packet between the public circuit-switched network 

51 and/or the public packet-switched network and the one or more end-user stations 

52 located within the enterprise's one or more locations; and 

53 means for performing said at least one action in accordance with said one 

54 or more rules associated with the one or more end-user stations located within the 

55 enterprise's one or more locations. 

1 40. The telephony security system as defined in Claim 39 wherein said call 

2 type attribute is from a group including: 

3 voice, 

4 fax, 

5 data transfer (modem), 

6 STU-III-voice, 

7 STU-III-data, 

8 STU-III-unspecified, 
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9 wideband, 

10 wideband video 

1 1 IP voice, 

12 busy, 

13 unanswered, and 

14 undetermined. 

1 41. The telephony system as defined in Claim 39 wherein said at least one 

2 action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 

8 sending a tone, 

9 sending a message, 

10 logging the call, 

1 1 generating a report, and 

12 providing an alert. 

13 adjusting the security policy, and 
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14 performing one or more designated assessments, 

15 whereby options for said one or more assessments include either or both of: 

16 authenticating an inbound call for remote access, and 

17 monitoring the call content for keywords. 

1 42. The telephony security system as defined in Claim 41 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

1 0 providing an alert, and 

1 1 adjusting the security policy. 

1 43. The telephony security system as defined in Claim 41 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 
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5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

1 2 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 

1 44. The telephony security system as defined in Claim 41 wherein said action 

2 of generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, 

5 an ad hoc report, 

6 a batch analysis report, 

7 a trend report, and 

8 a difference/comparison report. 
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1 45. The telephony security system as defined in Claim 38 wherein said action 

2 of generating an alert notification includes generating at least one alert notification from a 

3 group including: 

4 an electronic mail notification, 

5 a pager alerting notification, 

6 a console messaging notification, and 

7 a Simple Network Management Protocol (SNMP) trap. 
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1 46. A telephony security system located within one or more locations of an 

2 enterprise for centralized monitoring and/or control of incoming and outgoing calls 

3 between a first disparate circuit-switched communications network and a second disparate 

4 packet-switched communications network and one or more end-user stations located 

5 within an enterprise's one or more locations, said telephony security system comprising: 

6 one or more rules associated with the one or more end-user stations located 

7 within the enterprise's one or more locations, 

8 said one or more rules associated with the one or more end-user stations 

9 located within the enterprise's one or more locations designating at least one 

10 action to be performed based on at least one attribute of an incoming and outgoing 

11 call between the first of the one or more disparate communications networks 

12 and/or the second of the one or more disparate communications networks and the 

13 one or more end-user stations located within the enterprise's one or more 

14 locations, 

15 said at least one attribute of the incoming and outgoing call between the 

16 first of the one or more disparate communications networks and/or the second of 

17 the one or more disparate communications networks and the one or more end-user 

18 stations located within the enterprise 's one or more locations is from a group 

19 including: 

20 the call direction, 

21 the call source, 

22 the call destination, 

23 the call type, 
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24 the keyword detected in the call content, 

25 the call connect time, 

26 the call start date, 

27 the call start time, 

28 the call end date, 

29 the call end time, 

30 the call duration, 

31 the identifier for the extension or direct connect line carrying the 

32 call, 

33 the PBX trunk through which the call is processed, 

34 the channel through which the call is processed, 

35 the digits dialed prior to the base phone number, 

36 the digits dialed after the base phone number, 

37 the codec used, 

38 the number of bytes from the call source, 

39 the number of bytes from the call destination, 

40 the number of packets from the call source, 

41 the number of packets from the call destination, 

42 source transmission rate, 

43 destination transmission rate, 
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44 source latency, 

45 destination latency, 

46 source jitter, 

47 destination jitter, 

48 source packet loss, 

49 destination packet loss, and 

50 total bandwidth used; 

51 means for determining said at least one attribute of the incoming and 

52 outgoing call between the first of the one or more disparate communications 

53 networks and/or the second of the one or more disparate communications 

54 networks and the one or more end-user stations located within the enterprise 's 

55 one or more locations; and 

56 means for performing said at least one action in accordance with said one 

57 or more rules associated with the one or more end-user stations located within the 

58 enterprise's one or more locations. 

1 47. The telephony security system as defined in Claim 46 wherein said call 

2 type attribute is from a group including: 

3 voice, 

4 fax, 

5 data transfer (modem), 
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6 STU-III-voice, 

7 STU-III-data, 

8 STU-III-unspecified, 

9 wideband, 

10 wideband video 

1 1 IP voice, 

12 busy, 

13 unanswered, and 

14 undetermined. 

1 48. The telephony security system as defined in Claim 46 wherein said at least 

2 one action is from a group including: 

3 allowing the call, 

4 denying the call, 

5 redirecting the call, 

6 recording the call content, 

7 encrypting the call, 

8 sending a tone, 

9 sending a message, 

10 logging the call, 
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1 1 generating a report, and 

12 providing an alert. 

13 adjusting the security policy, and 

14 performing one or more designated assessments, 

15 said one or more designated assessments including either or both of: 

16 authenticating an inbound call for remote access, and 

17 monitoring the call content for keywords. 

1 49. The telephony security system as defined in Claim 48 wherein one or more 

2 of said at least one action is performed using a remote management server and/or other 

3 peripheral device, 

4 said remote management server and/or other peripheral device performing said 

5 one or more of said at least one action from a group including: 

6 logging the call, 

7 recording the call content, 

8 monitoring the call content for keywords, 

9 generating a report, 

10 providing an alert, and 

1 1 adjusting the security policy. 
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1 50. The telephony security system as defined in Claim 48 wherein one or more 

2 of said at least one action may be preempted and/or complemented by a system 

3 administrator manually selecting one or more preemptive/complementary actions from a 

4 group including: 

5 allowing the call, 

6 denying the call, 

7 redirecting the call, 

8 logging the call, 

9 recording the call content, 

10 encrypting the call, 

1 1 generating a report, 

12 providing an alert, 

13 adjusting the security policy, and 

14 performing one or more assessments. 

1 51. The telephony security system as defined in Claim 48 wherein said action 

2 of generating a report includes generating at least one report from a group including: 

3 a post-event report, 

4 a schedule-generated report, 

5 an ad hoc report, 

6 a batch analysis report, 
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7 a trend report, and 

8 a difference/comparison report. 

1 52. The telephony security system as defined in Claim 48 wherein said action 

2 of generating an alert notification includes generating at least one alert notification from a 

3 group including: 

4 an electronic mail notification, 

5 a pager alerting notification, 

6 a console messaging notification, and 

7 a Simple Network Management Protocol (SNMP) trap. 
1 
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